Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The Application Security Assessment Checklist for Cloud Native Environments

A cloud-based application security assessment (or ASA) is a systematic evaluation to identify vulnerabilities and improve security in cloud applications. It aims to ensure the application’s structural, design, and operational integrity against all cyber threats. A staggering 82% of data breaches in 2023 involved data stored in the cloud.

Rising Threats: Navigating the Surge of Cybersecurity Challenges in K-12 Schools

When thinking about which industries get targeted most often in ransomware attacks, many people think that large healthcare and financial institutions would be at the top of the list. Most people don’t associate cyber attacks with K-12 schools. However, a recent cybersecurity report noted that lower education, or K-12 schools, is the single most targeted industry for ransomware attacks, with 80% of schools reporting a ransomware attack in 2023.

Govt. AI Directive, Accountability in AI and More - AI Regulation and Governance Monthly AI Update

In a move to harness the transformative power of artificial intelligence (AI) while mitigating associated risks, the Executive Office of the President has issued a landmark memorandum directing federal agencies to advance AI governance, innovation, and risk management. Spearheaded by Shalanda D. Young, the memorandum underscores the importance of responsible AI development in safeguarding the rights and safety of the public.

FBI Warns US Retailers That Cybercriminals Are Targeting Their Gift Card Systems

The FBI has issued a warning to US retailers about a financially-motivated malicious hacking ring that has been targeting employees with phishing attacks in an attempt to create fraudulent gift cards. Staff at the corporate offices of US retail companies have been the target of highly-sophisticated email phishing and SMS phishing ("smishing") attacks. These attacks attempt to gain access to employee accounts, IT systems, and cloud services used by the company.

Unauthenticated Out-of-Bounds Memory Read Vulnerability in Citrix NetScaler ADC and Gateway

On May 6, 2024, Bishop Fox publicly disclosed a vulnerability along with a proof of concept (PoC) exploit in Citrix NetScaler ADC and Gateway, identified as an unauthenticated out-of-bounds memory read issue in the components used for Authentication, Authorization, and Auditing (AAA).

Dynamic Bad Actor Scoring in Coralogix

Bad bots, hackers, and other malicious agents can be tracked by a huge volume of metrics – session activity, HTTP headers, response times, request volume & cadence, and more. This complexity has created a market for siloed, complex, and extremely expensive tools. In contrast, Coralogix can consume simplistic data, like CDN logs, and derive complex, dynamically changing scores. When coupled with built-in cost optimization and the wider platform features, this makes a very compelling case.

SASE for Retail: Growing the Bottom Line

Retail and hospitality businesses prioritize delivering exceptional customer service and growing revenue. Just as their mission relies on a service-oriented staff and quality products, it also requires secure and reliable connectivity. A high performing and secure network enables retailers to offer consistent and positive consumer interactions across online and physical stores around the world.

Trusted Signing: The Microsoft Way to Safeguard Your Applications

With the advent of digital technology that makes its way into every sphere of our lives, software’s reliability and integrity are particularly important. Hackers never stop trying to gain unauthorized access and exploit application weaknesses to achieve their goals and gain from outact. This can mean peril respectively for individuals and organizations.

And That's a Wrap on RSAC 2024

As we navigate through an era increasingly dominated by artificial intelligence, the theme of RSAC 2024, “The Art of the Possible,” couldn’t be more apt. This year, Zenity, a trailblazer in securing and governing business productivity tools like Copilot for M365, Power Platform, Salesforce, and ServiceNow, highlighted the vast possibilities—and the associated risks—of democratized technology and software development.

Global DDoS Weapons in 2024: Bots Run Wild

What do you get when you bring soaring numbers of connected devices online around the world—more than 29 billion by 2027? For consumers and businesses, the Internet of Things (IoT) promises a life of ever-increasing convenience, efficiency, and insight. Unfortunately, cybercriminals have just as much to celebrate.